A Closer Look at the Future Digital Immutable Identities

With physical books quickly becoming antiquities, it’s quite quaint to consider that we still carry a small book of paper in our pocket that provides us with the only way we are able to enter or even leave a country. Passports are not only expensive, but in most cases, especially in developing nations they are also a luxury. Take the Turkish Passport for example; applying for one will set you back $251 which is roughly equivalent to working for 95 hours on minimum wage; making it virtually inaccessible to a large portion of Turks. For refugees or those from failing governments that can no longer access information or records to prove who they are it becomes a paradox.

As a result, digital identities have become one of the more meaningful technology trends on the planet at the moment, but not all countries are taking notice of this. According to a recent survey by the Pew research center there has been a remarkable increase in smartphone ownership and internet usage in both emerging and developed economies. What if we could use our smartphones to not only identify ourselves, but also make transactions, sign documents and to do so securely without having to go through third parties? What if we could truly own our digital identity? Technically, it’s already possible. The discussions around forging self-sovereign identities is definitely interesting and the possibilities for Digital IDs are truly endless, but in reality – especially at a national level; we’re just not there yet.

Theoretically the Estonian e-Residency would allow a Malaysian entrepreneur to start an EU company that she can run from the comfort of her home in KL to serve clientele based all over the world making use of the EU’s extensive free trade agreements. She’d also be able to use her digital signature to sign contracts with customers throughout the European Union. Its 2018, we can essentially run a location independent company completely online with minimal hassle.

With the Trump administration tightening the requirements for the popular H-1B Visa, the launch of the Estonian e-residency program could not have come at a better time. Immigrants are widely perceived as being highly entrepreneurial and important for economic growth and innovation. This is reflected in immigration policies in many developed countries who have created special visas and entry requirements in an attempt to attract immigrant entrepreneurs.

So what constitutes an Estonian Digital ID?

The Digital ID essentially comprises of three domains, the authentication domain, identification domain and most importantly the authorisation domain. The identification domain allows the cardholder to be ID-ed properly just like any other ordinary ID card but the beauty of the Digital ID lies in the other two domains; namely the authentication and authorisation aspects. These two aspects of the Digital ID allow one to digitally sign documents, access secure services, and make secure transactions — without ever having to set foot in Estonia. The digital ID card and e-services are built on state-of-the-art technological solutions, including 2048-bit public key encryption. The digital ID card contains a microchip with two security certificates: PIN1 for authentication and PIN2 for digital signing.

So what exactly makes this Digital ID secure?

Put simply – Blockchains; the underlying distributed ledger technology used for Bitcoin and other decentralised crypto-currencies. Estonia has had its fair share of cyber attacks over the years but nothing came close to the magnitude of the infamous 2007 cyber attack that was waged on them. To prevent a reoccurrence of the attack they developed their own scalable blockchain technology called KSI ‘to ensure integrity of data stored in government repositories and to protect their data against insider threats.’ Some described the attack as a blessing in disguise as it turned Estonia into the cyber security giant that it is now today; hosting both the NATO Cooperative Cyber Defence Centre of Excellence.

Sceptics in the fringes of the cryptosphere have questioned the authenticity of the Blockchain applied in the Estonian digital IDs citing Tarvi Marten’s (one of the masterminds behind the ID) explanation on how the KSI blockchain functions in a Digital Identity Management book from nearly a decade ago. He said “Long-time validity of these [digitally-signed] documents is secured by logging of issued validity confirmations by the Validation Authority. This log is cryptographically secured by one-way hash-function and newspaper-publication to prevent backdating and carefully backed up to preserve digital history of mankind.”

Regardless of whatever side of the debate you’re on, there’s no denying that Estonia is paving the way for other governments and shifting the paradigm for the better. The silo-ed approaches governments have long taken when building infrastructure are quickly becoming obsolete. The same centralised governance models that were first introduced when nation states were coalescing are still used in most countries today. The old style centralised databases will soon be replaced with shared non-redundant trustworthy systems where there is a more fluid interoperability between different actors. This shift towards embracing technologies that can better serve people can only be commended.

Please contact us if you would like to learn more about Digital IDs. BCE is keen on exploring broader applications of Digital IDs and collaborating with entities that are working to make it a reality.

Mahamed Hagi is a VC INSIDER NEWS columnist. Mahamed Hagi, together with the team at Blockchain Embassy Asia, works to educate and promote blockchain governance as a method for collaboration between organisations, entities and existing communities across Asia.